- Web Server
- Control Panels
- Site Map/RSS Feeds
Today I want to focus on a topic that can lead to huge problems of hacked accounts, spam mailings etc.: Outdated Joomla installations on your server.
Of course, this is valid for other software, too. The mentioned method should work in a similar way for other software. Since Joomla is widely spread throughout the internet, especially on shared hosting systems CMS (Content Management System), this howto will only cover Joomla so far.
How To Set Up Kojoney SSH Honeypot On CentOS 5.5
Kojoney is a low level interaction honeypot that emulates an SSH server. The daemon is written in Python using the Twisted Conch libraries. In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated, (un)protected, and monitored, and which seems to contain information or a resource of value to attackers. This tutorial shows how you can compile and install updated version of Kojoney on CentOS 5.5 server.
How To Defend slowloris DDoS With mod_qos (Apache2 On Debian [Lenny])
mod_qos gives some fine-grained opportunities to scale the number of used connections and to defend an attack according to bandwidth limits. Unfortunately it is only available as source-package and there are many possible settings, wich might be hard to setup for this special case. So I provide the way that helped me.
Prevent Phishing with Mutual Authentication
Phishing is a man-in-the-middle attack. While many people think using time-bound, one-time passwords will solve the problem, they are wrong as attacks will just become automated. What is required is strong mutual authentication - authentication of the host to the user as well as the user to the host. This article demonstrates how to do that using open-source software from WiKID.
Custom Boot Menu for Windows XP
One of the first things that I do upon receiving a new windows computer is create my own custom boot menu that shows up every time I boot my machine. This is especially handy when you suspect a virus; you can reboot into safe mode and scan for it.
Secure your SSH deployment with WiKID two-factor authentication
In this document we are going to demonstrate how to combine two-factor authentication from WiKID with an SSH gateway server with hosted private keys to create a highly secure, auditable and easy to use remote access solution. The WiKID Strong Authentication System is a commercial/open source two-factor authentication solution.
How to configure OpenVPN to use WiKID Strong Authentication
The WiKID Strong Authentication System is a commercial/open source two-factor authentication solution. This guide demonstrates how to OpenVPN and SSH to use one-time passwords from WiKID. While both solutions support private key authentication, that may not be sufficient for your requirements; you may need one-time passwords for webmail or extranet access; or centralized authentication management and logging.
http://www.clamav.net) as virus scanner and the E-mail Sanitizer (http://www.impsec.org/email-tools/procmail-security.html) as content filter.ISPConfig uses ClamAV (
Either with chkrootkit or with rkhunter.
Either install the package that comes with your distribution (on Debian you would run
apt-get install chkrootkit
), or download the sources from www.chkrootkit.org and install manually:
wget --passive-ftp ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
Afterwards, you can move the chkrootkit directory somewhere else, e.g. /usr/local/chkrootkit: